<?php
	require "db.php";
	$user = 'root';
	$pass = '';
	$db = new PDO('mysql:host=localhost;dbname=sound', $user, $pass);


$date_file = date("dmYGiv");

$avatar = $_FILES['ava']['name'];
$avatar_user = addDateToFileName($avatar);

$login = test_input($_POST["nick_user"]);
$desc_user = test_input($_POST["desc_user"]);
$id_polz = $_SESSION['logged_user']->id;

function addDateToFileName($file_name){
        $name = substr($file_name, 0, strrpos($file_name, '.'));  
        $extension = substr($file_name, strrpos($file_name, '.'));

        $date_file = date('dmYGiv');

        return $date_file . $extension;
    }
	
	
function test_input($data) {
		$data = trim($data);
		$data = stripslashes($data);
		$data = htmlspecialchars($data);
		return $data;
	}
	
	
    $update_columns = array();
    if(trim($avatar_user) !== "")   { $update_columns[] = "avatar_user = :avatar_user"; }
    if(trim($login) !== "")  { $update_columns[] = "login = :login"; }
	if(trim($desc_user) !== "")  { $update_columns[] = "desc_user = :desc_user"; }
	
	$sql = "UPDATE `users` SET " . implode(", ", $update_columns) . " WHERE `id` = $id_polz;";
	
	$statement = $db->prepare($sql);
	
        if(trim($avatar_user) !== ""){
            $statement->bindParam(":avatar_user", $avatar_user);
        }
        if(trim($login) !== ""){
            $statement->bindParam(":login", $login);
        }
		if(trim($desc_user) !== ""){
            $statement->bindParam(":desc_user", $desc_user);
        }
	$statement->execute();
	

if(move_uploaded_file($_FILES['ava']['tmp_name'], 'music/' . $avatar_user)){
	header("Location: logout.php");
} else{
	header("Location: logout.php");
}
?>